Resiliency, staying afloat in the face of cyberthreats

A recovery plan that is practiced will make the enterprise more resilient.

Credit: Thinkstock

Today's reality is that if the enterprise uses networked computers, they will get hit at some point. Not having and practicing a recovery plan could be the doom of any organization.

John Bruce, CEO and co-founder at IBM Resilient said, "Resiliency is the ability of an organization to maintain its core purpose and integrity in the face of cyber incidents."

Cyber resiliency is a critical element of the overall organizational resiliency, which includes the many things that organizations grapple with in the real world. Bruce said that in the digital world, the enterprise should also have disaster-recovery plans.

"The whole notion of resiliency is a new phenomenon. It's tough to do in the cyber world," Bruce said.

The challenge is that resiliency is so much about the people, processes, and the technologies. When the disaster is one in the digital world, people often want to rely on technology as a fix.

It's not that easy. While it might have been cyber that created the disaster, the recovery and ability to return to productivity will need to focus on the people and processes as well.

"The overwhelming number of organizations do not feel they have a high degree of resiliency. We've seen that in many cases it's taken a long time to respond to these things," Bruce said.

Resiliency takes a long time to plan, but that most organizations "Either don't have a plan, or they don't use it in the way they should, but they need to sit down and really grapple with this stuff before they need to."

"Recovery isn't particularly sexy," said Alex McGeorge, senior penetration tester at Immunity. "It's that thing that they have to prepare for and practice and do, but it only really comes to save the day in their darkest hour."

Whether it's through ransomware or some other attack, if they are an accounting firm, and one-fourth of their CPAs get affected, that's huge. "Larger enterprises have personnel redundancy, so the impact isn't as significant, but the impact could even be a benign outage where everybody's desktop is fried," said McGeorge.

People want to believe they can recover from a back up but if they aren't practicing, the likelihood of recovery is minimized.

"You pay a vendor for a backup solution, but the actual process of trying to restore their accounting department from a backup today rarely happens," McGeorge said.

Security practitioners need to plan and preparr for disasters so that they know what their total time to return to productivity is, if all of the machines end up under water.